[PATCH] s4-drs: replmd_delete implementation

tridge at samba.org tridge at samba.org
Tue Nov 24 20:58:58 MST 2009 

Hi Eduardo,

 > ret = ldb_msg_add_empty(msg, "badPwdCount", LDB_FLAG_MOD_DELETE, &el);

that looks fine, I suspect you have something else wrong in the
surrounding code. You didn't attach a patch so I can't tell you what
is wrong.

I've written a simple example for you to look at though. Have a
careful look at this example function:

static int change_example(struct ldb_context *ldb)
{
	TALLOC_CTX *tmp_ctx = talloc_new(ldb);
	struct ldb_message *msg;
	struct ldb_message_element *el;
	int ret;

	/* create a message which describes what we want to change
	   about the object */
	msg = ldb_msg_new(tmp_ctx);

	/* we need to say which object we want to change */
	msg->dn = ldb_dn_new(msg, ldb, "CN=foouser,CN=Users,DC=bludom,DC=tridgell,DC=net");
	
	/* let's remove badPwdCount */
	ldb_msg_add_empty(msg, "badPwdCount", LDB_FLAG_MOD_DELETE, &el);

	/* let's add isDeleted=TRUE */
	ldb_msg_add_string(msg, "isDeleted", "TRUE");
	msg->elements[1].flags = LDB_FLAG_MOD_ADD;
	
	/* and let's change badPasswordTime to 1234 (for no good reason!) */
	ldb_msg_add_fmt(msg, "badPasswordTime", "%u", 1234);
	msg->elements[2].flags = LDB_FLAG_MOD_REPLACE;

	/* for completness, let's print the message. This is good for debugging */
	printf("We are changing:\n%s\n", 
	       ldb_ldif_message_string(ldb, tmp_ctx, 
					 LDB_CHANGETYPE_MODIFY, 
				       msg));

	/* now ask ldb to actually make the modification */
	ret = ldb_modify(ldb, msg);
	printf("modify gave: %d - '%s'\n", ret, ldb_errstring(ldb));


	talloc_free(tmp_ctx);
	return ret;
}

the above code does all of the things you are trying to do I think. It
adds a new attribute (isDeleted). It removes an attribute
(badPwdCount) and it modifies an attribute (badPasswordTime).

You might like to use the ldb_ldif_message_string() function I show
above it your code to help you with debugging. It allows you to print
out what you are asking ldb_modify() to change about the object. For
example, when I run the above example I get this:

  We are changing:
  dn: CN=foouser,CN=Users,DC=bludom,DC=tridgell,DC=net
  changetype: modify
  delete: badPwdCount
  -
  add: isDeleted
  isDeleted: TRUE
  -
  replace: badPasswordTime
  badPasswordTime: 1234
  -

  modify gave: 0 - '(null)'

so the code is printing out the changes that are being requested in
ldif format. That format is what the ldbmodify command line tool
accepts.

 > But when I run this code, the field is not deleted and isDeleted and
 > lastKnownParent are not added to the object. (If I don't use this code,
 > isDeleted and lastKnownParent are inserted correctly).

make sure you are looking at any errors that ldb gives with
ldb_errstring(). Also please print the msg using
ldb_ldif_message_string(). Together that should allow you to isolate
the problem.

If you are still stuck, then please push what you've done to your
repository so I can see the code as a whole rather than individual
lines of code.

Cheers, Tridge

More information about the samba-technical mailing list